United States | Four Russians indicted for cyberattacks in the energy sector

(Washington) The United States revealed Thursday that it has indicted four Russian hackers, linked to the government of their country, for attacks committed between 2012 and 2018 against hundreds of entities in the energy sector around the world.

Posted at 5:55 p.m.

“Hackers linked to the Russian state pose a serious and ongoing threat to critical infrastructure in the United States and around the world,” Assistant Attorney General Lisa Monaco said in a statement.

“Although the lawsuits revealed today relate to past activities, they clearly show that American companies must strengthen their defenses and remain vigilant,” she added, echoing President Joe Biden.

On Monday, the president said that his country's companies had a “patriotic” duty to better protect themselves against the risk of cyberattacks carried out by Russia in response to Western sanctions imposed since the invasion of Ukraine.

The two files made public on Thursday, however, predate the war.

A first indictment, returned in June 2021 by a grand jury in Washington, targets Evgueni Gladkikh, a 36-year-old programmer linked to the Russian Ministry of Defense. He is accused of having participated in an attack against a refinery in a third country, in 2017, using malware called Triton.

The document does not specify where this refinery was located, but the security systems of a Saudi petrochemical plant were attacked with this software in 2017.

It targeted sulphide emissions monitoring systems and “could have caused explosions or toxic gas releases,” a senior ministry official said.

According to the US Department of Justice, the accused and his accomplices then attempted to carry out a comparable attack against infrastructure in the United States, without achieving their ends.

$10 million

A second indictment, returned in August 2021 in Kansas, targets Pavel Akoulov, Mikhail Gavrilov and Marat Tyoukov, suspected of being agents of the Russian security services (FSB) who carried out a wave of attacks against the global energy sector between 2012 and 2017.

In a first phase, dubbed “Dragonfly”, they allegedly introduced malware into legitimate software updates, infecting more than 17,000 devices.

In a second phase, “Dragonfly 2.0”, they allegedly carried out 3,300 phishing attempts against more than 500 entities, including the Nuclear Regulatory Commission in the United States. An American nuclear plant located in Kansas was also allegedly targeted.

None of those charged has been arrested, but the State Department has offered a reward of up to ten million dollars for any information leading to their whereabouts.

For her part, British Foreign Minister Liz Truss announced sanctions against the “Central Institute for Scientific Research in Chemistry and Mechanics”, the agency linked to the Russian Ministry of Defense where Evgueni Gladkikh worked.

“By sanctioning those who target people, businesses and infrastructure, we send a clear message to the Kremlin: we will not let them do it,” commented the minister.

